Exemplo n.º 1
0
 /**
  * Display git commit(s) log(s)
  * 
  * Todo: refactoring..
  */
 public function actionHistory()
 {
     $builder = new CommandBuilder();
     $hash = \Yii::$app->request->get('c');
     $pathToJson = $this->module->swaggerPath;
     // set executable external!!!
     // @chmod(__DIR__ . '/../ansi2html.sh', 0755);
     if ($hash && preg_match('#[a-z0-9]{4,40}#', $hash)) {
         $commands = [];
         $commands[] = $builder->setCommand(new Command('cd'))->addArgument(new Argument(dirname($pathToJson)))->build();
         $commands[] = $builder->setCommand(new Command('git'))->addArgument(new Argument('log'))->addFlag(new Flag('--color'))->addFlag(new Flag('-p'))->addFlag(new Flag('-1'))->addArgument(new Argument($hash))->addFlag(new Flag('--'))->addArgument(new Argument('./' . basename($pathToJson)))->build();
         $result = shell_exec(implode('; ', $commands) . ' | ' . __DIR__ . '/../ansi2html.sh');
         echo $result;
         \Yii::$app->end();
     }
     $format = '<tr class="log-item">';
     $format .= '<td class="log-hash">%h</td>';
     $format .= '<td class="log-date">%ad</td>';
     $format .= '<td class="log-short-comment">%s</td>';
     $format .= '<td class="log-full-comment">%b</td>';
     $format .= '</tr>';
     $commands = [];
     $commands[] = $builder->setCommand(new Command('cd'))->addArgument(new Argument(dirname($pathToJson)))->build();
     $commands[] = $builder->setCommand(new Command('git'))->addArgument(new Argument('log'))->addFlag(new Flag('--color'))->addOption(new Option('--pretty', 'format:' . $format))->addFlag(new Flag('--no-merges'))->addFlag(new Flag('-10'))->addFlag(new Flag('--'))->addArgument(new Argument('./' . basename($pathToJson)))->build();
     echo '<table>';
     echo stripslashes(shell_exec(implode('; ', $commands)));
     echo '</table>';
     \Yii::$app->end();
 }
Exemplo n.º 2
0
 public function testCommandWithInjectionInArgument()
 {
     $path = 'path/to/any/directory/with/file.tes';
     $builder = new CommandBuilder();
     $cmd = $builder->setCommand(new Command('git'))->addArgument(new Argument('log'))->addFlag(new Flag('--color'))->addFlag(new Flag('-p'))->addFlag(new Flag('-1'))->addArgument(new Argument('db3b7f6f645; rm -rf /etc'))->addFlag(new Flag('--'))->addArgument(new Argument('./' . basename($path)))->build();
     self::assertEquals("git 'log' --color -p -1 'db3b7f6f645\\; rm -rf /etc' -- './file.tes'", $cmd);
 }